If I am got a DoS attack or Spam, I need the IP to find out to whom I should file abuse complain.
Do we need to sanitize SMTP header too? How about shuting down DNSBL?